<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2021/12/14
 * Time: 10:25
 */

include_once '../tools/DbTools.php';
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
$newUrl = '';
$msg = '';
$is_valid = false;
if(!empty($username) && !empty($password)){
    DbTools::InitDb();
    $sql = "select *,(select RealName from accountinfo where accountinfo.AccountId = bankcard.AccountId) RealName from bankcard where CardNo = '$username' and CardPwd = '$password'";
    $result = DbTools::select($sql);
    DbTools::close();
    if(!empty($result)){
        $is_valid = true;
        $msg = '登录成功';
        $newUrl = 'userinfo.php';
        $token = md5($username.$password.time());
        setcookie('Token',$token,time()+3600,'/');
        $_SESSION[$token] = [
            'username' => $username,
            'password' => $password,
            'CardId' => $result[0]['CardId'],
            'CardNo' => $result[0]['CardNo'],
            'RealName' => $result[0]['RealName'],
            'AccountId' => $result[0]['AccountId']
        ];
    }
}
if(!$is_valid){
    $msg = '用户名或密码错误';
    $newUrl = 'loginUi.php';
}
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <title></title>
</head>
<body>
<input type="hidden" id="newUrl" value="<?php echo $newUrl;?>">
<input type="hidden" id="msg" value="<?php echo $msg;?>">
</body>
<script>
    onload = function () {
        var newUrl = document.getElementById('newUrl').value;
        var msg = document.getElementById('msg').value;
        alert(msg);
        location.href = newUrl;
    }
</script>
</html>
